GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,542 advisories
Filter by severity
A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below...
Critical
Unreviewed
CVE-2021-29114
was published
Dec 8, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated...
Critical
Unreviewed
CVE-2021-43035
was published
Dec 7, 2021
The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the...
Critical
Unreviewed
CVE-2021-24866
was published
Dec 7, 2021
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and...
Critical
Unreviewed
CVE-2021-24943
was published
Dec 7, 2021
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter...
Critical
Unreviewed
CVE-2021-31632
was published
Dec 7, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController...
Critical
Unreviewed
CVE-2021-44347
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage...
Critical
Unreviewed
CVE-2021-44349
was published
Dec 4, 2021
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main...
Critical
Unreviewed
CVE-2021-35414
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller...
Critical
Unreviewed
CVE-2021-44348
was published
Dec 4, 2021
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api...
Critical
Unreviewed
CVE-2021-43679
was published
Dec 3, 2021
attendance management system 1.0 is affected by a SQL injection vulnerability in admin...
Critical
Unreviewed
CVE-2021-44280
was published
Dec 2, 2021
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the...
Critical
Unreviewed
CVE-2021-43451
was published
Dec 2, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41677
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41678
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41679
was published
Dec 1, 2021
The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not...
Critical
Unreviewed
CVE-2021-24915
was published
Nov 30, 2021
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is...
Critical
Unreviewed
CVE-2021-36916
was published
Nov 25, 2021
ProTip!
Advisories are also available from the
GraphQL API